General
Target: 6b05bea9195fa2aa09b6c86038221073_JaffaCakes118
Size: 484KB
Sample: 240523-p9vgtsbg62
MD5: 6b05bea9195fa2aa09b6c86038221073
SHA1: 5b62fe9202aba72540d674741d3fd024641cac4f
SHA256: ea31594f27362ee525951c5a3d47a94b66cdbb51a7227c4381d622df57c7c7bc
SHA512: 8bfb1d02d1eb64118db00ab619fbe4a3a830c06b7782b12d96f40e5c1b762c7a6f77748a39f549405664b31db477684f502c780561d0740b9b30c289a2506800
SSDEEP: 6144:zdlSApEXv/354poAMzSVIhl9EKRDqME4yanMjdn/NQVg+D3Do8oRtxQwvVAJTVH:zDSApaX54poA8SVIf51E4K14o8IuD
Static task: static1
Behavioral task: behavioral1
Sample: 6b05bea9195fa2aa09b6c86038221073_JaffaCakes118.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 6b05bea9195fa2aa09b6c86038221073_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Target: 6b05bea9195fa2aa09b6c86038221073_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory